25 matches found

RedhatCVE
added 2026/04/01 11:0 p.m., 5 views

CVE-2026-34540

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...

CVSS 6.2, AI score 5.8, EPSS 0.00156
Exploits 1, References 1
NVD
added 2026/03/31 10:16 p.m., 3 views

CVE-2026-34540

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...

CVSS 6.2, EPSS 0.00156
Exploits 1, References 3
CVE
added 2026/03/31 10:3 p.m., 7 views

CVE-2026-34540

The CVE concerns iccDEV ICC color management libraries. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow in icMemDump() when iccDumpProfile tries to dump/describe malformed tag contents. The out-of-bounds read is observed under AddressSanitizer in icMemDump(...) at IccPro...

CVSS 6.2, AI score 5.8, EPSS 0.00156
Exploits 1, References 3, Affected Software 1
Positive Technologies
added 2026/03/31 12:0 a.m., 4 views

PT-2026-29388

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...

CVSS 6.2, AI score 5.8, EPSS 0.00156
Exploits 1, References 6
SUSE CVE
added 2026/03/03 12:24 a.m., 3 views

SUSE CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

CVSS 5.3, AI score 5.9, EPSS 0.0022
Exploits 0, References 3
OSV
added 2026/02/27 10:16 p.m., 2 views

ALPINE-CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

CVSS 5.5, AI score 6, EPSS 0.0022
Exploits 0, References 1
OSV
added 2026/02/27 10:16 p.m., 5 views

ALPINE-CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

CVSS 6.6, AI score 6, EPSS 0.00168
Exploits 0, References 1
OSV
added 2026/02/27 10:16 p.m., 2 views

DEBIAN-CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

CVSS 6.6, AI score 5.8, EPSS 0.00168
Exploits 0, References 1
OSV
added 2026/02/27 10:16 p.m., 5 views

UBUNTU-CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

CVSS 5.5, AI score 6.2, EPSS 0.0022
Exploits 0, References 7
Cvelist
added 2026/02/27 10:2 p.m., 24 views

CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

CVSS 5.3, EPSS 0.00168
Exploits 0, References 3
Vulnrichment
added 2026/02/27 10:2 p.m., 2 views

CVE-2026-28419 Vim has Heap-based Buffer Underflow in Emacs tags parsing

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

CVSS 5.3, AI score 6, EPSS 0.00168
Exploits 0, References 3
ATTACKERKB
added 2026/02/27 10:2 p.m., 9 views

CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

CVSS 6.6, AI score 6, EPSS 0.00168
Exploits 0, References 4, Affected Software 1
Debian CVE
added 2026/02/27 9:58 p.m., 4 views

CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

CVSS 5.5, AI score 5.8, EPSS 0.0022
Exploits 0
CVE
added 2026/02/27 9:58 p.m., 239 views

CVE-2026-28418

Vim (before 9.2.0074) is affected by a heap-based buffer overflow in the Emacs-style tags file parser. When processing a malformed tags file, Vim can read up to 7 bytes beyond the allocated memory boundary due to out-of-bounds reads. The issue is fixed in Vim version 9.2.0074. No exploitation det...

CVSS 5.5, AI score 6, EPSS 0.0022
Exploits 0, References 4, Affected Software 1
Vulnrichment
added 2026/02/27 9:58 p.m., 1 view

CVE-2026-28418 Vim has Heap-based Buffer Overflow in Emacs tags parsing

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

CVSS 4.4, AI score 6, EPSS 0.0022
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2005-2784

Malware in sbrugna...

CVSS 4.3, AI score 6.4, EPSS 0.01752
Exploits 1, References 5
RedhatCVE
added 2025/05/16 12:57 a.m., 12 views

CVE-2024-45516

An issue was discovered in Zimbra Collaboration (ZCS) 9.0.0 before Patch 43, 10.0.x before 10.0.12, 10.1.x before 10.1.4, and 8.8.15 before Patch 47. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session,...

CVSS 6.1, AI score 5.8, EPSS 0.00345
Exploits 0, References 1
Snyk
added 2025/04/26 9:41 p.m., 3 views

Allocation of Resources Without Limits or Throttling

Overview: markdownify converts HTML to markdown. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when processing malformed HTML tags. An attacker can cause excessive memory consumption by causing heading tags with very large values to be...

CVSS 6.9, AI score 6.8, EPSS 0.00181
Exploits 1, References 2
RedHat Linux
added 2024/04/30 9:59 a.m., 5 views

gstreamer-plugins-good: integer overflow leading to heap overwrite in FLAC image tag handling

A heap-based buffer overflow vulnerability was found in the FLAC parser in GStreamer. This issue occurs when processing malformed image tags, which could allow a malicious third party to induce a crash in the application and potentially execute code by manipulating the heap...

CVSS 8.8, AI score 6.1, EPSS 0.01537
Exploits 0, References 5
RedHat Linux
added 2022/03/28 9:0 a.m., 5 views

expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...

CVSS 9.8, AI score 7.3, EPSS 0.33936
Exploits 0, References 5